750 million phones jeopardized by SIM card flaw

A weakness in SIM card encryption technology could allow attackers to snoop on mobile phone conversations, according to a Berlin-based security researcher.

No less than 750 million mobile handsets are affected by the flaw which allows hackers to obtain a SIM card’s 56-digit key that facilitates modification of the card, said Karsten Nohl, founder of Security Research Labs. Nohl told reporters he was able to carry out such a hack in just “two minutes using a standard PC.”

Among the things a potential hacker can do, one a SIM card’s digital key is cracked are:

  • Read data embedded on the SIM
  • Install software on the handset that runs independently of the phone
  • Steal data from the SIM card
  • Steal personal information
  • Eavesdrop on phone conversations
  • Alter account information

The vulnerability was found in the Digital Encryption Standard, a cryptographic method developed by IBM in the 1970s and used in billions of phones today.


Mobile malware threats increasing
Security in medical devices questions

The encryption method has been enhanced in the past decades since then but many handsets still use the old standard. A test showed that 1,000 SIM cards in Europe and North American shows signs of the flaw.

Read the whole story here



Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Article

ADaPT connects employers with highly skilled young workers

Help wanted. That’s what many tech companies across Canada are saying, and research shows that as the demand for skilled workers...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now